[GH-ISSUE #3] Gris CMS v0.1 has Persistent XSS vulnerability #3

New issue

Open

opened 2026-03-02 03:52:02 +03:00 by kerem · 1 comment

kerem commented 2026-03-02 03:52:02 +03:00

Owner

Copy link

Originally created by @ghost on GitHub (Apr 1, 2021).
Original GitHub issue: https://github.com/dignajar/gris/issues/3

A xss vulnerability was discovered in Gris CMS v0.1
There is a Persistent XSS attacks vulnerability which allows remote attackers to inject arbitrary web script or HTML via admin/dashboard

Originally created by @ghost on GitHub (Apr 1, 2021). Original GitHub issue: https://github.com/dignajar/gris/issues/3 A xss vulnerability was discovered in Gris CMS v0.1 There is a Persistent XSS attacks vulnerability which allows remote attackers to inject arbitrary web script or HTML via admin/dashboard <img width="1256" alt="iShot2021-04-01 09 31 54" src="https://user-images.githubusercontent.com/37724890/113232023-f833e180-92ce-11eb-98ab-6c8a9d5e3bb8.png"> <img width="1129" alt="iShot2021-04-01 09 31 39" src="https://user-images.githubusercontent.com/37724890/113232084-0aae1b00-92cf-11eb-80e6-7cea63df0f44.png">

kerem commented 2026-03-02 03:52:03 +03:00

Author

Owner

Copy link

@OS-WS commented on GitHub (May 25, 2021):

Hi,
This issue was assigned with CVE-2021-30082.
Was it ever adressed/ fixed ?

<!-- gh-comment-id:847662055 --> @OS-WS commented on GitHub (May 25, 2021): Hi, This issue was assigned with CVE-2021-30082. Was it ever adressed/ fixed ?

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

0.1

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/gris#3

No description provided.